Abstract :
[en] Gossip-based content dissemination protocols are a scalable and cheap alternative to
centralized content sharing systems. However, it is well known that these protocols
suffer from rational nodes, i.e., nodes that aim at downloading the content without
contributing their fair share to the system. While the problem of rational nodes that act
individually has been well addressed in the literature, colluding rational nodes is still
an open issue. In addition, previous rational-resilient gossip-based solutions require
nodes to log their interactions with others, and disclose the content of their logs, which
may disclose sensitive information. Nowadays, a consensus exists on the necessity
of reinforcing the control of users on their personal information. Nonetheless, to the
best of our knowledge no privacy-preserving rational-resilient gossip-based content
dissemination system exists.
The contributions of this thesis are twofold.
First, we present AcTinG, a protocol that prevents rational collusions in gossip-based
content dissemination protocols, while guaranteeing zero false positive accusations.
AcTing makes nodes maintain secure logs and mutually check each others’ correctness
thanks to verifiable but non predictable audits. As a consequence of its design, it is
shown to be a Nash-equilibrium. A performance evaluation shows that AcTinG is able
to deliver all messages despite the presence of colluders, and exhibits similar scalability
properties as standard gossip-based dissemination protocols.
Second, we describe P AG, the first accountable and privacy-preserving gossip pro-
tocol. P AG builds on a monitoring infrastructure, and homomorphic cryptographic
procedures to provide privacy to nodes while making sure that nodes forward the
content they receive. The theoretical evaluation of P AG shows that breaking the
privacy of interactions is difficult, even in presence of a global and active opponent.
We assess this protocol both in terms of privacy and performance using a deployment
performed on a cluster of machines, simulations involving up to a million of nodes, and
theoretical proofs. The bandwidth overhead is much lower than existing anonymous
communication protocols, while still being practical in terms of CPU usage.